Internet Crime

[Dark_Jester]

As some of you may already know, this semester I'm taking a module in Internet Crime, and this is an area I have a great interest in, I want to be an international expert in this field, write papers and maybe even help to create a substantial virtual police presence on the Internet. Anyway, long story short, I will be doing a dissertation-style piece of coursework on the topic, and I've been thinking about what I should do.
So, I was thinking of a study of the combination of hacking, identity theft and subsequent credit card and social security fraud as my area of focus, or peer to peer file sharing. I'm starting to side with peer-to-peer at the moment because it is a very public area of internet crime-related interest, and so controversial as to its nature. Besides, being a keen music lover I have the interest in the subject. What does everyone think, which should I go with? There's probably more research material on hacking and etc.
Also, has anyone been affected by the internet in some way that could be considered criminal? Just as details sold on to other companies, e-harrassment etc?

 

[Wanderingblade]

Provided you look long enough, theres probably enough research material for anything - although I would look first.

As for faked personalities and the like, I've seen a few - but as it wasn't done for gain, what harm is there in it? The problem lies in spotting the jokers from the fraudsters.

However, go with P2P and lay the smackdown on metallica is my opinion

There you go. The pennies two* of wb.


*reality checks not included. batteries not included.

 

[rahvin]

yeah, go with p2p ben. hacking is too much of a "let's-do-the-matrix-and-talk-l33t" topic: those who know what there is to know are going to think you're a poser for going for such a hyped subject, and those who don't will just think it's fashionable to discuss teh internet and its many *gasp!* dangers.

filesharing is much more technically challenging imo, as it deals with a number of issues, some not directly related with the internet as anything else but a medium, thus probably allowing you to branch out in other fields where your research might want to expand at some point.
plus we could help.

 

[MagSec4]

Also, has anyone been affected by the internet in some way that could be considered criminal? Just as details sold on to other companies, e-harrassment etc?

:/

I.. was molested by an e-mule 2 years ago this saturday

..they never got the bastard.
Fight for me D_J! avenge the theft of my innocence!

 

[Dark_Jester]

With fire and steel, you SHALL be avenged, brave warrior!

WB and Rahvin: Ok, will do I think :0

Everyone else: keep posting, I want anything anyone can give me

 

[rahvin]

I.. was molested by an e-mule 2 years ago this saturday

*rotfl*


...

...


*panicks and shuts down e-mule cutting off 23 c.s.i. vegas season 3 episodes*

 

[Malaclypse]

well, identity theft and all that may not be a huge thing right now, but i bet it will be. once things like digital signatures become more common and used, there will of course be people trying to fake/hack their own or other identities.
i wouldn't go for peer2peer simply because you can't make much money with it. it may be an interesting field, but its of no use being an expert. i guess the whole thing is just being bloated right now by media.
so better go for identity hacks as well as normal security violation hacks, because they will always be. credit cards, or better said the billing via the internet & credit card numbers will probably be extinct in a few years or a century.

 

[Dark_Jester]

That's also an interesting idea I have to consider. This university project can only be on one area, but when its my career, I can take on as much as I can handle. I think I'll do some more reading on both. Still no-one affected by cyber crime? Must not be as prolific as feared

 

[Northern Lights]

Well now that you mention it I do remember one guy who somehow got hold of my dad's card code or something like that and proceeded to buy luxury beer from germany...

 

[hyena]

@ben: www.shadowcrew.com is a blimey good starting point. i don't think i've ever seen anything the likes. pm me for more.

EDIT: Looks like the site is in temporary downtime. Might have migrated. Try later.

 

[JackhammerRape]

I think, although the ins and outs of P2p are a good idea, you're going to find yourself limited to a point..

If you cover the main area of hacking, be it viruses, spoofing, stealing of identities, cards, computer intrusion, you've got a much bigger field to play with, and as such, much more leeway to give yourself free reign for developing a good case.

One particular area of interest, (i find anyway, as i have to deal with it every day at work) is the on going fad at the moment for online protection against viruses, due to microsofts inherent flaws in windows, and their subsequent legal cases against the makers of the virus,bounties offered for information on said hackers and so on. While not directly related, it'd be damn good to research on.

Another area is that of intrusion, how easy it is to break into someones computer, and steal their information, and the current fad for exploiting people without firewalls. a spoofed email turns upwith a file that they open, trojan gets run, all imformation is keylogged and sent back to hacker, and it may well be worth looking at the extent of damage they can do, and the high levels of spoofing that is going on, especially with regard to credit cards.

head over to the symantec site and give the daily list of update virus threats a peruse, it will show you in detail the level of damage they can do, and exactly how easy it is to convince someone the credit card account they need to 're-sign' upto, is real.

http://securityresponse.symantec.com/avcenter/vinfodb.html#threat_list

it might give you somewhere to start at least.

and in fact, quick edit, in particular, you might want to look at this example. it gives a good idea of exactly how far hackers are willing to go. the only problem with this is, any sensible person that uses paypal, would probably realise that the colours are wrong, but even then, stupid people still aren't going to realise..

http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.p@mm.html

scary really.. the sheer amount that goes on.. and people wonder why i'm such an internet security nazi... tis my crusade i tell you.. my servers will not be harmed!!!!

 

[Malaclypse]

or you could simply do that stuff which comes along with internet and software in general: patent rights, copyrights, trademarks and all that. also a neverending story.

 

[Arch]

Ben: There's a cable/satellite TV show called CyberCrime on a station called TechTV.
http://www.techtv.com/cybercrime/index.html/

It's worth checking out, if you haven't done so.

 

[Miolo]

the things mentioned by jackhammerrape are quite intriguing, especially credit card hacking. i'd do a research on that. p2p is somehow too a debated topic in these days.

@magsec:

 

[Salamurhaaja]

hack

hack [very common] 1. n. Originally, a quick job that produces what is needed, but not well. 2. n. An incredibly good, and perhaps very time-consuming, piece of work that produces exactly what is needed. 3. vt. To bear emotionally or physically. "I can't hack this heat!" 4. vt. To work on something (typically a program). In an immediate sense: "What are you doing?" "I'm hacking TECO." In a general (time-extended) sense: "What do you do around here?" "I hack TECO." More generally, "I hack `foo'" is roughly equivalent to "`foo' is my major interest (or project)". "I hack solid-state physics." See Hacking X for Y. 5. vt. To pull a prank on. See sense 2 and hacker (sense 5). 6. vi. To interact with a computer in a playful and exploratory rather than goal-directed way. "Whatcha up to?" "Oh, just hacking." 7. n. Short for hacker. 8. See nethack. 9. [MIT] v. To explore the basements, roof ledges, and steam tunnels of a large, institutional building, to the dismay of Physical Plant workers and (since this is usually performed at educational institutions) the Campus Police. This activity has been found to be eerily similar to playing adventure games such as Dungeons and Dragons and Zork. See also vadding.

Constructions on this term abound. They include `happy hacking' (a farewell), `how's hacking?' (a friendly greeting among hackers) and `hack, hack' (a fairly content-free but friendly comment, often used as a temporary farewell). For more on this totipotent term see " The Meaning of Hack". See also neat hack, real hack.

Source: The Jargon Dictionary

crack

crack [warez d00dz] 1. v. To break into a system (compare cracker). 2. v. Action of removing the copy protection from a commercial program. People who write cracks consider themselves challenged by the copy protection measures. They will often do it as much to show that they are smarter than the developper who designed the copy protection scheme than to actually copy the program. 3. n. A program, instructions or patch used to remove the copy protection of a program or to uncripple features from a demo/time limited program. 4. An exploit.

Source: The Jargon Dictionary

Just so you know that virii and all that crap has nothing to do with hacking,
it is cracking, moronic media people confuse the 2 all the time cos they...
well, are moronic.

for P2P there is a good news site you should check out: Zeropaid.com
Most likely the largest news site of the kind, has all the related news
posted on it.

 

[Salamurhaaja]

I will add a bunch of security/cracking related links once I get home, we
have a filter at work, so I don't bother keeping the links here.
(even tho I could easily crack the filter.)

 

[Salamurhaaja]

it gives a good idea of exactly how far hackers are willing to go.

And by hackers you mean crackers

 

[Miolo]

since salmy clarified the difference between hacker and cracker i can't help but thinking of little thin biscuits trying to break into my system.

 

[Salamurhaaja]

since salmy clarified the difference between hacker and cracker i can't help but thinking of little thin biscuits trying to break into my system.

They already did, your comp has a lot of cookies in it

 

[Dark_Jester]

Everyone, thank you for your input, its great to have friends so willing to help out

NL: I wonder who that could've been
Hyena: It's still down, I'm gonna run a search on them now to see what I can find, thanks for the tip-off
Jack: Excellent information dude, I'd love to work for symantec or a similar group as their cybercrime representative. I've checked out the information, and now I'm having a look around at how it all works so I can base a paper on it.
VC: Yeah, that area is interesting and always updating, but unfortunately, those areas are more civil-law based than criminal-law based. In the English legal system, those topics come under the heading of commercial intellectual property. Thanks though
Arch: Reading the site now, thanks
Salami: Excellent information, and its good to have the exact definitions as well. I can definitely use what you've given me, thank you
Miolo: Nice to see you're in good form

Ok, from this information, I think I'm going to go down the identity theft, fraud and cracking route for this paper, taking into account the paypal scheme Jack mentioned, and how the crackers worked on it. Thanks very much for your feedback everyone